Why is there a need for a privacy policy?
We (Infomed-Verlags-AG from Wil, Switzerland), the owners of med111, make this service available via the Internet and also promote it via the Internet. Individuals who visit med111.com almost inevitably leave behind digital traces, some of which may be associated with the person who visited the site.
The current version of med111 is designed primarily for users in Switzerland who are professionals in the health care sector. Our company is registered and headquartered in Switzerland; our target market is Switzerland. The legal framework for data collection and data processing is provided by Swiss law, in particular Swiss data protection legislation and specific regulations regarding our service, such as our General Terms and Conditions for Subscriptions and these privacy policies.
Pursuant to Article 13 of the Swiss Federal Constitution and the data protection provisions of the Confederation, every person is entitled to the protection of his/her privacy and to protection against misuse of his/her personal data. With the present privacy policies we want to inform our users about how we handle personal data and what recourse users have.
Who is affected by these policies?
All users are affected, including Infomed as the operator of the med111 website. Other organizations that are affected include: providers of technical services and providers of commercial services in the broadest sense (this may be an Internet service provider or an accounting firm).
In addition, all individuals who come into contact with us and maintain contact with us - by whatever means of communication - are potentially affected. We use electronic tools to maintain all business relationships, which means personal data will be collected and processed.
The privacy of all our users and business partners as well as the protection of their data is very important to us.
It is not possible for us to establish a connection between a drug leaflet and the final recipient (i.e. the patient) of said leaflet. No end-user (patient) data is needed for the generation of the leaflets nor do we store any data that may be related to patients. We therefore cannot distribute any patient data.
There is no technical integration of med111 data with any patient, clinical or pharmacy data management systems.
Med111 website users accept these data protection regulations.
What significance do these regulations have for users of the med111 website?
In principle, a distinction can be made between non-authenticated and authenticated users (also "subscribers"). In order to be identified as a subscriber, the user must log in with his or her personal username and password.
Non-authenticated users of the med111 website only leave anonymous data traces. Subscribers leave behind personal data and personal usage data.
Which data is collected and why?
A distinction can be made between anonymous and personal usage data as well as personal data.
For non-authenticated users
For non-authenticated users of the med111 website, only anonymous data is collected. The collection and evaluation of the data is done through Google Analytics and similar tools. Google Analytics uses cookies. These are text files that are stored in the user's browser and allow an analysis of the user's behaviour on med111.
The information generated by the cookies is usually transferred to and stored on a Google server in the USA. However, we have activated IP anonymization in Google Analytics on med111, so that IP addresses are always anonymized and never stored on a Google server.
You can disable the use of cookies in your browser altogether; however, we need to point out to that in this case med111 will no longer be fully functional. By using this website, users consent to their data being collected by Google in the manner and for the purposes described above.
Furthermore, the med111 server collects various anonymous data of non-authenticated users (in so-called server log files). This data does not allow us to draw any conclusions about the person of the non-authenticated user.
This data is used to ensure the error-free operation of the med111 website and, on the other hand, to obtain certain basic statistical information about the use of the website.
For newsletter recipients
In order to receive the med111 newsletters, users must specify and store an e-mail address on our system.
Information about the recipient of the newsletter (e-mail address or name) can be matched with other data that we may have about the same person.
For users of the online contact form
Our website contains an online contact form. If a person contacts us via this contact form, the personal data transmitted is automatically stored.
Such personal data, voluntarily transmitted to us by the user, is stored for the purpose of contacting the sender. Information that we receive in connection with the contact form will not be matched against other data that we may have about the same person.
For subscribers (authenticated users)
The collection and processing of personal data is needed for a subscription. We require the following personal data:
- Title
- First name and surname
- E-mail address
An e-mail address must be unique when a user registers. If our system has already registered the same e-mail address, this e-mail address cannot be used again for a new registration.
The following data is collected about a user's interactions with med111:
- Login data
- Leaflet history (how many? which drugs? which languages? when?)
- Personal profile, organizational profile and subscription changes
Google Analytics also tracks how our pages are accessed (see "For non-authenticated users" above).
The registration of personal data and the collection and evaluation of personal user data serve various purposes:
- It is a basis for contractual relations with subscribers
- It ensures the rights and obligations agreed to in the Terms of Use
- It ensures the availability of the med111 website and a high-quality of service
- It identifies functionalities and contents that could be improved and added
- It allows us to maintain contact with the subscribers
The collection of personal data and personal usage data is inevitable for subscribers. Subscribers expressly agree to the privacy policies by accepting the Terms of Use when registering for med111.
Subscribers who wish to withdraw their consent to these privacy policies must completely refrain from using the med111 website and request that we delete their data.
We do not collect any "sensitive personal data" as defined by the Swiss Federal Act on Data Protection.
Will the data be shared? Who has insight into the data?
We may share the anonymous user data of non-authenticated users with others in an anonymous and aggregated form. In some cases, the website usage is recorded and evaluated by Google Analytics. (Further information can be found above in the section "Non-authenticated users".)
E-mail addresses are not made available to third parties in any form. In order to manage and edit the newsletters, external services (such as e.g. MailChimp) may be used. In such a case we must export e-mail addresses into the third party system. We will do our utmost to prevent misuse of e-mail addresses.
We may compare some user data in the context of partnerships with other companies or organizations. Our master data may include e-mail address, names and addresses. The aim of such a comparison would be to prevent a duplication of accounts and prevent the reception of multiple identical marketing offers. Comparing contact lists will allow us to eliminate duplicates and allot them to one of the partners. Individuals who only have an account with med111 will be contractually protected and excluded from comparison. Existing Infomed customers are also included in this effort of non-duplication.
There is a need to share personal user data with various third party data processors, who we contract for various operational aspects of our business. We make sure that we only share data that is absolutely necessary for their respective areas of business. We do not pass on any personal user data to third parties for inspection, comparison or use. If necessary, we share aggregated user data, which does not allow any conclusions about our users, but only as long as it is directly needed for the operation of the business as it relates to our users.
We do share personal data and personal usage data if a legal obligation exists.
What is being done to ensure the security of the data?
The data transmitted between the user's browser and the med111 servers is encrypted using the HTTPS protocol. In order for the encryption technology to work, the user must use a browser that supports https encryption.
We take all reasonable precautions to protect customer data from loss, manipulation or unauthorized access. However, we cannot accept any liability for third-party access, loss, misuse or falsification of data.
Which regulations apply to links and third party websites?
Third party websites that are referenced by med111, are not subject to the data protection regulations stated here. We assume no responsibility or liability for the observance of data protection by third party websites.
Who can I contact with questions and suggestions?
Users can send us their questions or suggestions regarding stored personal data or requests for changes, revocation or deletion at the following address:
Infomed-Verlags-AG
Bergliweg 17
CH-9500 Wil (SG),
Switzerland
Tel.: +41 71 910 08 66
e-mail: sekretariat@infomed.ch
Until when do these policies apply?
We reserve the right to change these privacy policies at any time and at our own discretion. We will publish such changes on the med111 website 30 days before they take effect. It is the responsibility of the beta subscribers to inform themselves regularly about the currently valid data protection regulations.